CVE-2024-35694 PoC — WordPress WPMobile.App plugin <= 11.41 - Cross Site Scripting (XSS) vulnerability

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-35694.yaml

Associated Vulnerability

Title:WordPress WPMobile.App plugin <= 11.41 - Cross Site Scripting (XSS) vulnerability (CVE-2024-35694)
Description:Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Amauri WPMobile.App wpappninja.This issue affects WPMobile.App: from n/a through <= 11.41.

Description

WPMobile.App versions up to 11.41 contain a reflected cross-site scripting (XSS) caused by improper input neutralization during web page generation, letting attackers execute scripts in the victim's browser, exploit requires attacker to craft malicious input.

File Snapshot


 id: CVE-2024-35694

info:
  name: Wordpress WPMobile.App >= 11.42 - Cross-Site Scripting
  author: S

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →